In accordance with the General Data Protection Regulation (Regulation (EU) 2016/679 of the European Parliament and of the Council, hereinafter: GDPR), ENDURESCREENS Kft. hereby informs users about data processing on its website www.endurescreens.com (hereinafter: Website) operated by the company.
1. Data Controller
Company Name: Endurescreens Korlátolt Felelősségű Társaság
Seat: 1123 – Budapest, Alkotás út 53. Mom Park Office Center, Tower A, 6th floor
Tax number: 25990575-2-43
Registration Number: 01-09-300368
Email address: firstname.lastname@example.org
Telephone: +36 1 808 9456 (hereinafter: Controller)
The personal data processed by the Controller may be accessed by the Controller’s employees only to such extent as is necessary to achieve the goal of data processing specified in point 2.
2. Legal basis, purpose and duration of data processing, type of data being processed
The Controller may process the personal data on the following legal basis, for the following purposes and for the following duration:
Legal basis of data processing: The Data Subject’s consent (paragraph a) of Article 6(1) of the GDPR)
Data processed: Name, telephone or email address (one of them is obligatory).
Purpose of data processing: To get into contact with the Data Subject.
Duration of data processing: Until the case opened with the customer service is closed.
If the requested obligatory data are not provided, the Controller is unable to provide the service requested by Data Subject i.e. it is unable to contact the user.
The Data Subject may withdraw their consent to the processing of data at any time via the Controller’s contact details specified in point 1.
3. Data Processors
The Controller may disclose the data to the following data processors for the purpose of operating the website.
The Processors shall conduct data processing in accordance with the Controller’s instructions, shall not make any important decisions concerning the data processing, may process the personal data disclosed to them exclusively in accordance with the Controller’s instructions, shall not process data for their own purposes, and shall store, preserve or delete the personal data as instructed by the Controller. During data processing, the data may be accessed by the data processor’s employees.
Software Maintenance, Updates:
Processor’s address: 1033 – Budapest, Hévízi út 2.
Processing operations: Webhosting service
Categories of data affected by data processing: Name, email address, telephone, IP address.
Processor’s address: 1600 Amphitheatre Parkway Mountain View, CA 94043 USA
Processing operations: Using Analytics and Remarketing
Categories of data affected by data processing: IP address
4.Transmission of Data
The Controller shall not transmit the data to any third party.
5.Rights and Remedies of the Data Subject
Right to access
The Data Subject has the right to request information from the Controller as to whether their personal data are being processed by the Controller. The Data Subject has the right to access the personal data processed by the Controller. The Data Subject also has the right to access information contained in this notice.
Right to rectification
The Data Subject has the right to obtain from the Controller without undue delay the rectification of inaccurate personal data or completion of any missing personal data of Data Subject.
Right to erasure / right to be forgotten
The Data Subject has the right to obtain from the Controller the erasure of their personal data without undue delay. In case deletion is requested, the Controller shall identify the exact legal basis of data processing (i.e. whether it has any legal basis other than the Data Subject’s consent), and if the conditions for deletion are met, it shall delete the data concerned. In case of deletion, the Controller shall make sure that all parties to whom the data was disclosed through the Controller delete the same.
Right to restriction of processing
The Data Subject has the right to request the restriction of processing if they dispute the accuracy of the data processed, or object to the deletion of data in case of unlawful data processing, the Controller does not need the data anymore but the Data Subject needs the same for exercising their rights, or the Data Subject has objected to the processing of their data. The Data Subject shall be informed by the Controller before the restriction of processing is lifted. The Controller shall notify the restriction to all recipients to whom the personal data concerned has been disclosed.
Right to data portability
The Data Subject shall have the right to receive the personal data concerning them in a structured, commonly used and machine-readable format and to transfer such data to another Controller (or instruct the Controller to transfer the same where it is technically viable). The Data Subject shall have this right if data processing is based on consent or a contract and data processing is done using automated decision-making.
Right to object
The Data Subject shall have the right to object, on grounds relating to their particular situation, to the processing of personal data concerning the Data Subject if it is necessary for performing a task in the interest of the public or for the Controller to perform a task as a public authority or where the basis of data processing is in the legitimate interest of the Controller or another third party. The Data Subject may object to any direct marketing (sending promotional offers) or profiling activity by the Controller at any time . At the request of the Data Subject, the Controller shall provide the requested information in writing or, where the Data Subject withdrew their consent, delete the data in the shortest possible time but no later than within 30 days after the submission of the request. In case of rectification or deletion, the Controller shall notify all recipients to whom personal data has been disclosed. If the Controller is unable to satisfy Data Subject’s request, it shall notify the Data Subject of this within 30 days.
The Controller hereby informs the Data Subjects that the withdrawal of consent to data processing shall not affect the lawfulness of processing done on the basis of consent before its withdrawal.
The Data Subject may exercise their rights related to data processing at the Controller’s contact details specified in point 1.
In case the Data Subject requests legal remedy, they may, at their sole discretion, turn either to the National Authority for Data Protection and Freedom of Information (1125 Budapest, Szilágyi Erzsébet fasor 22/c., postal address: 1530 Budapest, Pf.: 5., www.naih.hu, telephone: (06 1) 391-1400, fax: (06 1) 391-1410, email@example.com) or to the local court that has jurisdiction according to the Controller’s seat or the Data Subject’s home address or current residence.
The Controller shall conduct data processing in a manner which ensures the protection of the Data Subjects’ privacy. The Controller shall apply information technology solutions based on the state of the art from time to time to protect data in particular against unauthorized access, modification, transmission, publication, deletion or destruction, or incidental loss or corruption, or becoming inaccessible due to a change in the applied technology.